CVE-2025-46293PATCHED

apple · macos

CVE-2025-46293: This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be ab

Description

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.

Affected Products

Vendor	Product	Versions
apple	macos	0, 15.3

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
apple	macos	cert_advisory	90%
su	suse linux	cert_advisory	90%

References

https://support.apple.com/en-us/122373

Related News (2 articles)

Tier B

BSI Advisories17d ago

[UPDATE] [hoch] Apple macOS: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

VulDB18d ago

CVE-2025-46293 | Apple macOS up to 15.3 symlink

→ No new info (linked only)

CVSS 3.15.5 CRITICAL

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA KEV❌ No

Actively exploited❌ No

Patch available

15.4

PublishedJun 11, 2026

Last enriched18d agov2

Trending Score6

Source articles2

Independent2

Info Completeness8/14

Missing: epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-43715EXP

CVE-2026-43715: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a

Trending: 56

CRITICALCVE-2026-43731EXP

CVE-2026-43731: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a

Trending: 56

CRITICALCVE-2026-43699EXP

CVE-2026-43699: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a

Trending: 51

CRITICALCVE-2026-43709EXP

CVE-2026-43709: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a

Trending: 51

CRITICALCVE-2026-43718EXP

CVE-2026-43718: A stack overflow was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPad

Trending: 51

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 11, 2026

Discovered by ZDM

Jun 11, 2026

Patch Available

Jun 11, 2026

Updated: severity, affectedVersions

Jun 11, 2026

Version History

Last enriched 18d ago

v2Tier C18d ago

Updated severity to CRITICAL and added affected version 15.3.

severityaffectedVersions

via VulDB

v118d ago

Initial creation